"-Synchronized-Data."

CVE Team 2024-10-07 20:00:38 +00:00
parent 00806c08ac
commit 4f5bea9f96
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
11 changed files with 856 additions and 31 deletions


@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Zoho ManageEngine\u00a0ADSelfService Plus versions below\u00a06401 are vulnerable to the DOS attack due to the malicious LDAP query."
"value": "Zoho ManageEngine\u00a0ADSelfService Plus versions below\u00a06401 are vulnerable to the DOS attack due to the malicious LDAP input."
}
]
},
@ -21,8 +21,8 @@
"description": [
{
"lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption",
"cweId": "CWE-400"
"value": "CWE-90: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')",
"cweId": "CWE-90"
}
]
}
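Review bot: Replacing the only problemtype entry (`CWE-400`) with `CWE-90` in the second hunk drops the impact classification, even though the description in the first hunk still calls this a DOS issue. Other records in this commit list more than one entry under `problemtype_data`, so this one could keep `"value": "CWE-400 Uncontrolled Resource Consumption", "cweId": "CWE-400"` as a second `description` object next to the new CWE-90 one. That would keep the record visible to consumers that filter or alert on resource-exhaustion CWEs. The enclosing objects start and end outside both hunks, and the record's CVE ID is not visible in this section.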


@ -1,17 +1,94 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-31227",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem exists in Redis 7 prior to versions 7.2.6 and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "redis",
"product": {
"product_data": [
{
"product_name": "redis",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 7.0.0, < 7.2.6"
},
{
"version_affected": "=",
"version_value": ">= 7.3.0, < 7.4.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/redis/redis/security/advisories/GHSA-38p4-26x2-vqhh",
"refsource": "MISC",
"name": "https://github.com/redis/redis/security/advisories/GHSA-38p4-26x2-vqhh"
},
{
"url": "https://github.com/redis/redis/commit/b351d5a3210e61cc3b22ba38a723d6da8f3c298a",
"refsource": "MISC",
"name": "https://github.com/redis/redis/commit/b351d5a3210e61cc3b22ba38a723d6da8f3c298a"
}
]
},
"source": {
"advisory": "GHSA-38p4-26x2-vqhh",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}
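Review bot: The `version_data` entries put a range expression in `version_value` while `version_affected` says `=`, e.g. `"version_affected": "=", "version_value": ">= 7.0.0, < 7.2.6"`. A consumer that honours `version_affected` literally will compare an installed version against that whole string and never match, so affected builds may be missed by automated matching; the same pattern appears in the CVE-2024-31228, CVE-2024-31449 and CVE-2024-47079 sections. Tooling that ingests these records should parse the range out of `version_value`, or take the ranges from the linked advisory, rather than trust the operator field. Separately, the new description reads "An authenticated with sufficient privileges may create", where the noun (presumably "user") is missing.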


@ -1,17 +1,98 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-31228",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST` and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crash. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-674: Uncontrolled Recursion",
"cweId": "CWE-674"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "redis",
"product": {
"product_data": [
{
"product_name": "redis",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 2.2.5, < 6.2.16"
},
{
"version_affected": "=",
"version_value": ">= 7.0.0, < 7.2.6"
},
{
"version_affected": "=",
"version_value": ">= 7.3.0, < 7.4.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/redis/redis/security/advisories/GHSA-66gq-c942-6976",
"refsource": "MISC",
"name": "https://github.com/redis/redis/security/advisories/GHSA-66gq-c942-6976"
},
{
"url": "https://github.com/redis/redis/commit/9317bf64659b33166a943ec03d5d9b954e86afb0",
"refsource": "MISC",
"name": "https://github.com/redis/redis/commit/9317bf64659b33166a943ec03d5d9b954e86afb0"
}
]
},
"source": {
"advisory": "GHSA-66gq-c942-6976",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}


@ -1,17 +1,107 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-31449",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation",
"cweId": "CWE-20"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow",
"cweId": "CWE-121"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "redis",
"product": {
"product_data": [
{
"product_name": "redis",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 2.6, < 6.2.16"
},
{
"version_affected": "=",
"version_value": ">= 7.0.0, < 7.2.6"
},
{
"version_affected": "=",
"version_value": ">= 7.3.0, < 7.4.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/redis/redis/security/advisories/GHSA-whxg-wx83-85p5",
"refsource": "MISC",
"name": "https://github.com/redis/redis/security/advisories/GHSA-whxg-wx83-85p5"
},
{
"url": "https://github.com/redis/redis/commit/1f7c148be2cbacf7d50aa461c58b871e87cc5ed9",
"refsource": "MISC",
"name": "https://github.com/redis/redis/commit/1f7c148be2cbacf7d50aa461c58b871e87cc5ed9"
}
]
},
"source": {
"advisory": "GHSA-whxg-wx83-85p5",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}
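Review bot: The description says the stack buffer overflow "may potentially lead to remote code execution", but the CVSS block scores it `"attackVector": "LOCAL"` with `"attackComplexity": "HIGH"`, giving a base score of 7. The two fields should be reconciled against the linked advisory (GHSA-whxg-wx83-85p5); as written, triage rules that key on `attackVector` or on a score threshold will rank this record lower than the description suggests. Until that is clarified, deployments where authenticated clients can submit Lua scripts are worth prioritising for the upgrade to 6.2.16, 7.2.6 or 7.4.1 named in the description.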


@ -1,17 +1,85 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-47079",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Meshtastic is an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic firmware is an open source firmware implementation for the broader project. The remote hardware module of the firmware does not have proper checks to ensure a remote hardware control message was received should be considered valid. This issue has been addressed in release version 2.5.1. All users are advised to upgrade. There are no known workarounds for this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-345: Insufficient Verification of Data Authenticity",
"cweId": "CWE-345"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "meshtastic",
"product": {
"product_data": [
{
"product_name": "firmware",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 2.5.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/meshtastic/firmware/security/advisories/GHSA-h8mh-p4r3-4jv7",
"refsource": "MISC",
"name": "https://github.com/meshtastic/firmware/security/advisories/GHSA-h8mh-p4r3-4jv7"
}
]
},
"source": {
"advisory": "GHSA-h8mh-p4r3-4jv7",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
]
}
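Review bot: The key sentence of the new description is ungrammatical ("does not have proper checks to ensure a remote hardware control message was received should be considered valid"), which leaves it unclear what exactly is not verified. Wording such as `does not properly check whether a received remote hardware control message should be considered valid` would read cleanly and match the CWE-345 classification given below it. The text presumably originates with the assigner's advisory (GHSA-h8mh-p4r3-4jv7), so the correction belongs there rather than in this synchronized copy.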


@ -1,17 +1,116 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-47971",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "Security@Solidigm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper error handling in firmware of some SSD DC Products may allow an attacker to enable denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Error Handling"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Solidigm",
"product": {
"product_data": [
{
"product_name": "D5-P5316",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "ACV10340"
},
{
"version_affected": "=",
"version_value": "ACV1MA10"
}
]
}
},
{
"product_name": "D7-P5520",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "9CV10410"
},
{
"version_affected": "=",
"version_value": "9CV1MA70"
}
]
}
},
{
"product_name": "D7-P5620",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "9CV10410"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.solidigm.com/support-page/support-security.htmlhttps://",
"refsource": "MISC",
"name": "https://www.solidigm.com/support-page/support-security.htmlhttps://"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
]
}
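Review bot: The only reference for this record is not a usable URL: `"url": "https://www.solidigm.com/support-page/support-security.htmlhttps://"` has a stray `https://` appended, and the CVE-2024-47972 and CVE-2024-47976 sections carry `https://https://www.solidigm.com/support-page/support-security.html` with the scheme doubled. Anyone following these records to find fixed firmware lands on a broken link; all three presumably should read `https://www.solidigm.com/support-page/support-security.html` in both `url` and `name`. The three Solidigm records also give `problemtype` as free text with no `cweId`, unlike the other published records in this commit, so CWE-based filtering will skip them.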


@ -1,17 +1,119 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-47972",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "Security@Solidigm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper resource management in firmware of some Solidigm DC Products may allow an attacker to potentially control the performance of the resource."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Resource Management"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Solidigm",
"product": {
"product_data": [
{
"product_name": "D7-P5510",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "JCV10300"
}
]
}
},
{
"product_name": "D5-P5316",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "ACV10340"
}
]
}
},
{
"product_name": "D7-P5520",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "9CV10410"
}
]
}
},
{
"product_name": "D7-P5620",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "9CV10410"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://https://www.solidigm.com/support-page/support-security.html",
"refsource": "MISC",
"name": "https://https://www.solidigm.com/support-page/support-security.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
]
}


@ -1,17 +1,271 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-47976",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "Security@Solidigm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control Management"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Solidigm",
"product": {
"product_data": [
{
"product_name": "DC P4510",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "VDV10194"
},
{
"version_affected": "=",
"version_value": "VEV10294"
},
{
"version_affected": "=",
"version_value": "VCV10394"
}
]
}
},
{
"product_name": "DC P4610",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "VCV10394"
},
{
"version_affected": "=",
"version_value": "VEV10294"
},
{
"version_affected": "=",
"version_value": "VDV10194"
}
]
}
},
{
"product_name": "D7-P5500",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2CV10C034"
}
]
}
},
{
"product_name": "D7-P5600",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2CV10C034"
}
]
}
},
{
"product_name": "D5-P5316",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "ACV1R330"
},
{
"version_affected": "=",
"version_value": "ACV1MA10"
},
{
"version_affected": "=",
"version_value": "ACV10340"
}
]
}
},
{
"product_name": "D7-P5520",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "9CV1R410"
},
{
"version_affected": "=",
"version_value": "9CV1MA70"
},
{
"version_affected": "=",
"version_value": "9CV10410"
},
{
"version_affected": "=",
"version_value": "0.0.25-9CV10220"
}
]
}
},
{
"product_name": "D7-P5620",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "9CV10410"
},
{
"version_affected": "=",
"version_value": "0.0.25-9CV10220"
}
]
}
},
{
"product_name": "DC P4511",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "VDV10194"
},
{
"version_affected": "=",
"version_value": "VEV10294"
},
{
"version_affected": "=",
"version_value": "VCV10394"
}
]
}
},
{
"product_name": "D5-P4320",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "VDV10194"
},
{
"version_affected": "=",
"version_value": "VEV10294"
},
{
"version_affected": "=",
"version_value": "VCV10394"
}
]
}
},
{
"product_name": "D5-P4326",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "VCV10394"
},
{
"version_affected": "=",
"version_value": "VEV10294"
},
{
"version_affected": "=",
"version_value": "VDV10194"
}
]
}
},
{
"product_name": "D7-P5510",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "JCV10404"
}
]
}
},
{
"product_name": "D7-P5628",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "9CV1R410"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://https://www.solidigm.com/support-page/support-security.html",
"refsource": "MISC",
"name": "https://https://www.solidigm.com/support-page/support-security.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
]
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-9601",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-9602",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-9603",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}